MitmWs is an HTTP proxy designed specifically for pentesting applications that use websockets.
- analyzer model
- one click replay optimization
- Replay and modify captured websocket conversations
- Create websocket conversations from scratch
- Define targets and scan conversations
- "Drop-in" to existing websocket connections
- Search traffic
- Scripting support for rules, variables, upgrade scripts etc
- Environment variables applied to manual/automatic tester
- Rule based anomaly detection
- Built-in http server / websocket server ( can be customized with scripts )
- Updates for payloads & scripts
- Protocol level testing
- Fuzzing integration ( zzuf example rule )
- Interactsh integration
- Script based actions for events
- Regex based breakpoints
- Selenium support for upgrade requests
- Selenium "monitor" for XSS detection
- Remote monitoring agent
- Download MitmWs from the releases tab
- Extract to convenient location
- Run
mitmws